Xml Serialization

[Sascha Dietl]

Hi NG,

I got a problem while decrypting an encrypted a Serialized class:
I Serialize a simple class to a Stream then encrypt it and write it to file
everything seems to work here until i try to read the file and decrypt it.
When i read the file into a byte array everything seems to be correct but
when I get to decrypt the byte array i get just \0 for the length of the
byte array. The Problem occurs when the byte array is decrypted by the cryptostream
and written to the memorystream. In my opinion it seems the memorystream
doesn't like the " occuring in the xml, but i don't get any exceptions, any
ideas?
BTW all parameters for decrypting are the same as used for encryption.

regards
sascha

 

[Ollie Riches]

How are you manipulating the file, text or binary?

If text are you converting it to a base64 text first?

Hope this helps

Ollie Riches

 

[Marc Gravell]

Sounds like it should work (although hard to tell without code).

This isn't as simple as forgetting to rewind a stream, is it?

Marc

 

[Sascha Dietl]

Hello Marc,

Sounds like it should work (although hard to tell without code).

This isn't as simple as forgetting to rewind a stream, is it?

no it isn't. I use the binary from the serilized stream, if i write directly
to file first, then open it, encrypt and write to another it works really
fine, but that's not the preferred way..... here's some code:

using (MemoryStream stream = X0Serialization.XmlSerializer.Serialize(typeof(ProbingPaths),
ProbingPaths)) {
FileCryptography.Encrypt(stream, Filename);
}

encrypt is just the function that does the symmetric cryptography I think
code for that is not needed as it only get's the bytes from the MemoryStream
and encrypt them.
Here's the Serialized class, really simple!

[Serializable(), MSSerialization.XmlRoot("Probing")]
public sealed class ProbingPaths {
[DebuggerBrowsable(DebuggerBrowsableState.Never)]
private List<string> paths;

[MSSerialization.XmlElement(ElementName="PrivatePath")]
public List<string> Paths {
get {
if (this.paths != null) {
return this.paths;
} else {
return Paths = new List<string>();
}
}

set {
paths = value;
}
}

public ProbingPaths() {
}
}

The serialization is done this way:
public static MemoryStream Serialize(Type type, object o) {
MemoryStream stream = new MemoryStream();

try {
System.Xml.Serialization.XmlSerializer serializer = new System.Xml.Serialization.XmlSerializer(type);
serializer.Serialize(stream, o);

return stream;
} catch {
throw;
}
}

so i think there are no possibilities to produce silly errors by code, or?

regards
sascha

 

[Marc Gravell]

Without saying "I told you so" [damn!] the stream hasn't been rewound...

I'm assuming that the Encrypt method Read()s from the stream to spits into
Filename; well, there isn't anything to read, as the Serialize method leaves
the memory stream at the end.

A short-term solution would be to set stream.Position = 0 before calling
Encrypt. Personally, I would be daisy-chaining the streams - i.e. I have a
file stream, and on top of that I sit an encryption stream. I then serialize
into the encryption stream, which scrambles the data, writing into the file
stream. And the reverse for reading. The advantage is that you don't have to
buffer everything into memory first.

At the end of the day, streams are "pipes", not "buckets"; they shouldn't
/hold/ data; they should /channel/ it. Most data-changing streams
(compression, encryption) are happy to be plumbed together to make
interesting combinations, e.g. a compression stream into an encryption
stream into a file stream.

Marc